Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-11-18 17:26:52
Prosím kontrolu logu.PC mi jede pouze v nouzovim režimu.
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 16 GB (35%) free of 45 GB
Total RAM: 1022 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:55, on 18.11.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Dokumenty\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\IPSBHO.DLL
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
--
End of file - 9504 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.alawarhry.cz"
prefs.js - "extensions.enabledItems" - "{BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.8"
prefs.js - "keyword.URL" - "http://search.avg.com/route/?d=4e832bd3 ... &lng=cs&q="
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG10\Firefox4\
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"avg@igeared"=C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\
AppGraffiti@AppGraffiti.com
inboxcomtoolbar@inbox.com
staged
{6a210611-2f33-4926-bf27-3fd9af8266eb}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\searchplugins\
inbox-hledn.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-09-09 2276704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll [2011-07-13 419768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.4.0.12\IPSBHO.DLL [2009-11-17 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]
AppGraffiti - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL [2011-07-13 266440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-07-26 2532680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2011-07-14 873976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-30 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-30 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.4.0.12\coIEPlg.dll [2011-07-13 419768]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-07-26 2532680]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2011-07-14 873976]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-09-05 417792]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"OPSE reminder"=C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe [2003-07-07 729088]
"Lexmark 1200 Series"=C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe [2006-07-13 57344]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-09-10 2338656]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"Steam"=D:\Program Files\Steam\Steam.exe [2011-08-23 1242448]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe
C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Game Alarm.lnk - C:\Games\Game Alarm\gamealarm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\EA Sports\NHL 99\nhl99.exe"="C:\Program Files\EA Sports\NHL 99\nhl99.exe:*:Disabled:nhl99"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Games\Game Alarm\gamealarm.exe"="C:\Games\Game Alarm\gamealarm.exe:*:Enabled:Gamealarm"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"D:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\cvrcek\Program Files\Age of Empires II\age2_x1.exe"="D:\cvrcek\Program Files\Age of Empires II\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\AVG\AVG10\avgdiagex.exe"="C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostika 2011"
"C:\Program Files\AVG\AVG10\avgnsx.exe"="C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
======List of files/folders created in the last 1 month======
2011-11-18 17:25:27 ----D---- C:\Program Files\trend micro
2011-11-18 17:25:26 ----D---- C:\rsit
2011-11-17 22:02:35 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-11-17 11:45:35 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-11-17 11:36:32 ----A---- C:\WINDOWS\ntbtlog.txt
2011-11-17 11:33:10 ----SHD---- C:\WINDOWS\CSC
2011-11-12 14:15:39 ----D---- C:\Program Files\MotherGaiaStudio
2011-11-12 13:18:21 ----D---- C:\ECSP MHD Simulator 2007
2011-11-04 22:02:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
2011-11-01 15:22:25 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-11-01 15:21:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-10-25 21:07:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\CropBusters
======List of files/folders modified in the last 1 month======
2011-11-18 17:25:27 ----RD---- C:\Program Files
2011-11-18 13:18:16 ----D---- C:\Program Files\Czech Soccer Manager 2002 FE
2011-11-18 12:23:24 ----D---- C:\WINDOWS\system32
2011-11-17 22:07:38 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-17 22:02:11 ----D---- C:\WINDOWS
2011-11-17 11:36:17 ----D---- C:\WINDOWS\SoftwareDistribution
2011-11-17 11:36:17 ----D---- C:\WINDOWS\Minidump
2011-11-17 11:36:16 ----D---- C:\WINDOWS\Temp
2011-11-14 17:35:48 ----A---- C:\WINDOWS\DUMP5bfa.tmp
2011-11-14 16:44:49 ----A---- C:\WINDOWS\DUMP5861.tmp
2011-11-14 16:32:45 ----A---- C:\WINDOWS\DUMP6d40.tmp
2011-11-14 16:24:55 ----A---- C:\WINDOWS\DUMP5eba.tmp
2011-11-14 16:23:00 ----A---- C:\WINDOWS\DUMP60dc.tmp
2011-11-14 16:14:47 ----D---- C:\WINDOWS\Prefetch
2011-11-14 15:51:38 ----A---- C:\WINDOWS\DUMP6c94.tmp
2011-11-14 15:23:15 ----A---- C:\WINDOWS\DUMP691a.tmp
2011-11-14 15:17:24 ----SHD---- C:\WINDOWS\Installer
2011-11-14 15:16:48 ----D---- C:\Program Files\Google
2011-11-13 19:19:45 ----D---- C:\temp
2011-11-12 14:20:18 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-11-12 14:16:09 ----RSD---- C:\WINDOWS\assembly
2011-11-12 14:16:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-11-12 14:16:05 ----HD---- C:\WINDOWS\inf
2011-11-12 14:16:05 ----D---- C:\WINDOWS\system32\DirectX
2011-11-09 13:18:12 ----A---- C:\WINDOWS\lexstat.ini
2011-11-08 16:44:22 ----D---- C:\Program Files\Hry.cz
2011-11-04 21:13:15 ----RSD---- C:\WINDOWS\Fonts
2011-11-04 21:12:18 ----D---- C:\Program Files\Common Files
2011-10-30 06:15:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-21 13:05:03 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-05-13 111808]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS [2009-10-15 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS [2011-08-22 173176]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2004-08-04 44672]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17920]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys []
S1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys [2011-08-04 485512]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS [2010-04-22 43696]
S1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS [2010-04-29 116784]
S1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS [2011-08-22 362360]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSxpx86.sys []
S3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\NAVEX15.SYS []
S3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS [2010-04-22 325680]
S3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-20 136176]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-08-30 153376]
S2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2006-04-17 311296]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe [2011-08-04 126400]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-07 167936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-07-26 1025352]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-20 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu-pouze nouzoví režim
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: kontrola logu-pouze nouzoví režim
Zdravim a pekny vecer preji 
Mala technicka na uvod - system je legalni = zakoupena licence 
Mala technicka na uvod - system je legalni = zakoupena licence "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: kontrola logu-pouze nouzoví režim
Dobrý den,moc se omlouvám počítač jsme dostali,takže netuším. bude to problém s pomocí? 
Re: kontrola logu-pouze nouzoví režim
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete na plochu CKScanner
- Spustte a kliknete na Search for files
- Po dokonceni skenu kliknete na Save List to File a nasledne OK
- Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c type c:\boot.ini >> test.txt /c %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: kontrola logu-pouze nouzoví režim
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.CPFABR
----- EOF -----
scanner sequence 3.MN.11.CPFABR
----- EOF -----
Re: kontrola logu-pouze nouzoví režim
OTL logfile created on: 19.11.2011 21:58:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 634,09 Mb Available Physical Memory | 62,01% Memory free
2,41 Gb Paging File | 2,14 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 15,73 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 67,83 Gb Total Space | 32,44 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Computer Name: BIGC-8B78200F16 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.11.19 21:53:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\OTL.exe
PRC - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
PRC - [2011.07.09 05:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
MOD - [2011.07.09 05:51:17 | 000,329,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\ppgooglenaclpluginchrome.dll
MOD - [2011.07.09 05:51:16 | 003,649,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\pdf.dll
MOD - [2011.07.09 05:50:09 | 000,321,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\Locales\cs.dll
MOD - [2011.07.09 05:49:50 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avutil-50.dll
MOD - [2011.07.09 05:49:48 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avformat-52.dll
MOD - [2011.07.09 05:49:47 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avcodec-52.dll
MOD - [2011.07.09 03:31:29 | 006,333,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\gcswf32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011.07.26 09:16:02 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.09.02 20:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
========== Driver Services (SafeList) ==========
DRV - [2011.08.22 03:53:36 | 000,362,360 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2011.08.22 03:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2011.08.04 05:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys -- (ccHP)
DRV - [2011.04.04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.02.22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010.11.20 10:36:43 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\navex15.sys -- (NAVEX15)
DRV - [2010.11.20 10:36:43 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.11.20 10:36:43 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\naveng.sys -- (NAVENG)
DRV - [2010.11.20 10:32:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.11.04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.10.19 21:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010.04.29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010.04.22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010.04.22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS -- (SymDS)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.18 17:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.10.17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004.05.13 14:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 12:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.alawarhry.cz"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://www.seznam.cz/firefox/"
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4e832bd3 ... &lng=cs&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011.07.21 14:31:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011.11.14 16:12:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.10.14 13:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011.10.01 05:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.04 13:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.30 09:43:51 | 000,000,000 | ---D | M]
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions
[2010.12.09 19:05:03 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{6a210611-2f33-4926-bf27-3fd9af8266eb}
[2011.08.08 07:37:43 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.02 11:25:54 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\AppGraffiti@AppGraffiti.com
[2011.07.24 14:06:50 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\inboxcomtoolbar@inbox.com
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\staged
[2011.08.04 13:39:18 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\searchplugins\inbox-hledn.xml
[2011.11.04 21:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.30 09:43:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.08.04 13:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.08.04 13:38:35 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\APPGRAFFITI@APPGRAFFITI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\INBOXCOMTOOLBAR@INBOX.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011.10.14 13:31:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.10.01 05:15:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.008.031.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011.08.30 09:43:39 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.07.16 21:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.16 05:30:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.30 09:43:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://search.avg.com/?d=4e1f31b2&v=7.5 ... earchTerms}
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F9B8586-97B8-414C-AD70-3860E031EB09}: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.20 10:18:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Error creating restore point.
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.11.19 07:38:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.11.18 17:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.18 17:25:26 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.17 11:45:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
[2011.11.17 11:45:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.11.17 11:33:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.11.14 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.19 12:37:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.11.14 16:30:52 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.14 16:13:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.14 15:17:13 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.17 22:02:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 15:17:13 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.08.08 21:44:42 | 000,307,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.08.08 21:17:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.06.12 19:30:32 | 000,112,640 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2011.05.17 15:11:11 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.05.17 15:04:48 | 000,000,253 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.05.17 15:04:44 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.12.29 14:45:31 | 000,002,103 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.12.29 14:42:58 | 000,000,294 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.12.29 14:13:11 | 000,000,436 | ---- | C] () -- C:\WINDOWS\Marias.ini
[2010.11.25 12:19:00 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.23 17:40:57 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.11.23 15:10:54 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.22 18:19:12 | 000,000,434 | ---- | C] () -- C:\WINDOWS\MCT.INI
[2010.11.22 14:52:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.21 11:06:58 | 000,000,345 | ---- | C] () -- C:\WINDOWS\level.ini
[2010.11.20 14:24:58 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.11.20 12:10:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.20 12:10:34 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.11.20 12:10:29 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.20 12:10:29 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.20 12:10:29 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.20 12:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.20 11:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.11.20 11:46:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.20 11:45:36 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.11.20 11:45:19 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.20 11:27:27 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.20 11:27:03 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.11.20 11:26:56 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010.11.20 10:20:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.20 10:15:57 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.02.11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.04.17 18:45:38 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2006.03.29 08:43:38 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2006.03.29 08:43:36 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2006.01.30 13:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2004.08.17 14:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.13 08:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,428,750 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,077,872 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.01.19 08:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
========== LOP Check ==========
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
[2011.09.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarGameBox
[2011.09.13 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.12.12 20:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aliasworlds
[2011.07.14 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.28 15:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2011.07.14 19:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.07.13 16:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.05.17 15:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CasualForge
[2011.07.14 19:12:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.25 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2011.07.16 11:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DreamFarm
[2011.11.05 08:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
[2011.07.16 07:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy-PizzaParty
[2011.07.16 09:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.09.11 07:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
[2011.07.16 21:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_America
[2011.07.17 16:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Arctica
[2011.07.13 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
[2011.07.14 16:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Russia
[2011.07.16 10:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy_Rome
[2010.12.25 09:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Firefly Studios
[2011.07.14 19:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.09.12 20:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2011.08.31 16:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\MP130,110\*.tmp files -> C:\WINDOWS\MP130,110\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.25 10:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2011.06.12 19:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.06.12 19:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2010.11.20 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.11.20 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESTsoft
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2010.11.20 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2011.05.17 15:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.11.20 10:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010.11.20 11:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2011.09.28 15:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.11.12 14:20:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.11.20 22:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org2
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.07.14 19:35:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.11.04 21:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2010.11.20 12:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
< %APPDATA%\*.exe /s >
[2010.11.20 11:43:00 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.11.20 11:44:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.20 11:44:32 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.20 11:44:32 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 14:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.12.23 18:05:20 | 000,143,360 | ---- | M] (Nero AG)
"Steam" = "D:\Program Files\Steam\Steam.exe" -silent -- [2011.08.23 12:34:22 | 001,242,448 | ---- | M] (Valve Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () MD5=9818C807D3225000DBEBC9D354FC602A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2006.07.09 18:42:40 | 000,049,206 | ---- | M] () -- \Program Files\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
< *keygen* /s >
< *loader* /s >
[2011.08.30 13:20:41 | 000,339,609 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Downloader_Metin2_cz.exe
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2007.11.06 16:43:54 | 000,007,380 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\external\ion_sports07\fw\commonLoader.big
[2007.10.23 08:57:06 | 000,000,288 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\game\globalClasses\classLoader.big
[2010.12.09 19:37:38 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[10 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.11.13 09:54:36 | 000,070,944 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.07.15 12:32:40 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 634,09 Mb Available Physical Memory | 62,01% Memory free
2,41 Gb Paging File | 2,14 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 15,73 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 67,83 Gb Total Space | 32,44 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Computer Name: BIGC-8B78200F16 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.11.19 21:53:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\OTL.exe
PRC - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
PRC - [2011.07.09 05:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
MOD - [2011.07.09 05:51:17 | 000,329,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\ppgooglenaclpluginchrome.dll
MOD - [2011.07.09 05:51:16 | 003,649,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\pdf.dll
MOD - [2011.07.09 05:50:09 | 000,321,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\Locales\cs.dll
MOD - [2011.07.09 05:49:50 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avutil-50.dll
MOD - [2011.07.09 05:49:48 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avformat-52.dll
MOD - [2011.07.09 05:49:47 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avcodec-52.dll
MOD - [2011.07.09 03:31:29 | 006,333,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\gcswf32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011.07.26 09:16:02 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.09.02 20:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
========== Driver Services (SafeList) ==========
DRV - [2011.08.22 03:53:36 | 000,362,360 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2011.08.22 03:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2011.08.04 05:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys -- (ccHP)
DRV - [2011.04.04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.02.22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010.11.20 10:36:43 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\navex15.sys -- (NAVEX15)
DRV - [2010.11.20 10:36:43 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.11.20 10:36:43 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\naveng.sys -- (NAVENG)
DRV - [2010.11.20 10:32:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.11.04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.10.19 21:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010.04.29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010.04.22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010.04.22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS -- (SymDS)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.18 17:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.10.17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004.05.13 14:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 12:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.alawarhry.cz"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://www.seznam.cz/firefox/"
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4e832bd3 ... &lng=cs&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011.07.21 14:31:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011.11.14 16:12:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.10.14 13:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011.10.01 05:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.04 13:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.30 09:43:51 | 000,000,000 | ---D | M]
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions
[2010.12.09 19:05:03 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{6a210611-2f33-4926-bf27-3fd9af8266eb}
[2011.08.08 07:37:43 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.02 11:25:54 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\AppGraffiti@AppGraffiti.com
[2011.07.24 14:06:50 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\inboxcomtoolbar@inbox.com
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\staged
[2011.08.04 13:39:18 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\searchplugins\inbox-hledn.xml
[2011.11.04 21:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.30 09:43:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.08.04 13:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.08.04 13:38:35 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\APPGRAFFITI@APPGRAFFITI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\INBOXCOMTOOLBAR@INBOX.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011.10.14 13:31:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.10.01 05:15:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.008.031.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011.08.30 09:43:39 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.07.16 21:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.16 05:30:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.30 09:43:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://search.avg.com/?d=4e1f31b2&v=7.5 ... earchTerms}
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F9B8586-97B8-414C-AD70-3860E031EB09}: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.20 10:18:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Error creating restore point.
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.11.19 07:38:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.11.18 17:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.18 17:25:26 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.17 11:45:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
[2011.11.17 11:45:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.11.17 11:33:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.11.14 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.19 12:37:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.11.14 16:30:52 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.14 16:13:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.14 15:17:13 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.17 22:02:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 15:17:13 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.08.08 21:44:42 | 000,307,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.08.08 21:17:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.06.12 19:30:32 | 000,112,640 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2011.05.17 15:11:11 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.05.17 15:04:48 | 000,000,253 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.05.17 15:04:44 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.12.29 14:45:31 | 000,002,103 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.12.29 14:42:58 | 000,000,294 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.12.29 14:13:11 | 000,000,436 | ---- | C] () -- C:\WINDOWS\Marias.ini
[2010.11.25 12:19:00 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.23 17:40:57 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.11.23 15:10:54 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.22 18:19:12 | 000,000,434 | ---- | C] () -- C:\WINDOWS\MCT.INI
[2010.11.22 14:52:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.21 11:06:58 | 000,000,345 | ---- | C] () -- C:\WINDOWS\level.ini
[2010.11.20 14:24:58 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.11.20 12:10:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.20 12:10:34 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.11.20 12:10:29 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.20 12:10:29 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.20 12:10:29 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.20 12:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.20 11:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.11.20 11:46:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.20 11:45:36 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.11.20 11:45:19 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.20 11:27:27 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.20 11:27:03 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.11.20 11:26:56 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010.11.20 10:20:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.20 10:15:57 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.02.11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.04.17 18:45:38 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2006.03.29 08:43:38 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2006.03.29 08:43:36 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2006.01.30 13:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2004.08.17 14:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.13 08:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,428,750 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,077,872 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.01.19 08:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
========== LOP Check ==========
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
[2011.09.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarGameBox
[2011.09.13 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.12.12 20:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aliasworlds
[2011.07.14 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.28 15:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2011.07.14 19:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.07.13 16:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.05.17 15:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CasualForge
[2011.07.14 19:12:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.25 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2011.07.16 11:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DreamFarm
[2011.11.05 08:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
[2011.07.16 07:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy-PizzaParty
[2011.07.16 09:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.09.11 07:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
[2011.07.16 21:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_America
[2011.07.17 16:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Arctica
[2011.07.13 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
[2011.07.14 16:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Russia
[2011.07.16 10:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy_Rome
[2010.12.25 09:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Firefly Studios
[2011.07.14 19:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.09.12 20:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2011.08.31 16:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\MP130,110\*.tmp files -> C:\WINDOWS\MP130,110\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.25 10:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2011.06.12 19:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.06.12 19:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2010.11.20 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.11.20 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESTsoft
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2010.11.20 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2011.05.17 15:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.11.20 10:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010.11.20 11:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2011.09.28 15:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.11.12 14:20:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.11.20 22:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org2
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.07.14 19:35:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.11.04 21:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2010.11.20 12:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
< %APPDATA%\*.exe /s >
[2010.11.20 11:43:00 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.11.20 11:44:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.20 11:44:32 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.20 11:44:32 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 14:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.12.23 18:05:20 | 000,143,360 | ---- | M] (Nero AG)
"Steam" = "D:\Program Files\Steam\Steam.exe" -silent -- [2011.08.23 12:34:22 | 001,242,448 | ---- | M] (Valve Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () MD5=9818C807D3225000DBEBC9D354FC602A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2006.07.09 18:42:40 | 000,049,206 | ---- | M] () -- \Program Files\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
< *keygen* /s >
< *loader* /s >
[2011.08.30 13:20:41 | 000,339,609 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Downloader_Metin2_cz.exe
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2007.11.06 16:43:54 | 000,007,380 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\external\ion_sports07\fw\commonLoader.big
[2007.10.23 08:57:06 | 000,000,288 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\game\globalClasses\classLoader.big
[2010.12.09 19:37:38 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[10 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.11.13 09:54:36 | 000,070,944 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.07.15 12:32:40 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
< End of report >
Re: kontrola logu-pouze nouzoví režim
OTL logfile created on: 19.11.2011 21:58:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 634,09 Mb Available Physical Memory | 62,01% Memory free
2,41 Gb Paging File | 2,14 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 15,73 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 67,83 Gb Total Space | 32,44 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Computer Name: BIGC-8B78200F16 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.11.19 21:53:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\OTL.exe
PRC - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
PRC - [2011.07.09 05:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
MOD - [2011.07.09 05:51:17 | 000,329,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\ppgooglenaclpluginchrome.dll
MOD - [2011.07.09 05:51:16 | 003,649,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\pdf.dll
MOD - [2011.07.09 05:50:09 | 000,321,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\Locales\cs.dll
MOD - [2011.07.09 05:49:50 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avutil-50.dll
MOD - [2011.07.09 05:49:48 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avformat-52.dll
MOD - [2011.07.09 05:49:47 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avcodec-52.dll
MOD - [2011.07.09 03:31:29 | 006,333,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\gcswf32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011.07.26 09:16:02 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.09.02 20:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
========== Driver Services (SafeList) ==========
DRV - [2011.08.22 03:53:36 | 000,362,360 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2011.08.22 03:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2011.08.04 05:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys -- (ccHP)
DRV - [2011.04.04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.02.22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010.11.20 10:36:43 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\navex15.sys -- (NAVEX15)
DRV - [2010.11.20 10:36:43 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.11.20 10:36:43 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\naveng.sys -- (NAVENG)
DRV - [2010.11.20 10:32:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.11.04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.10.19 21:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010.04.29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010.04.22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010.04.22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS -- (SymDS)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.18 17:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.10.17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004.05.13 14:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 12:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.alawarhry.cz"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://www.seznam.cz/firefox/"
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4e832bd3 ... &lng=cs&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011.07.21 14:31:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011.11.14 16:12:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.10.14 13:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011.10.01 05:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.04 13:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.30 09:43:51 | 000,000,000 | ---D | M]
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions
[2010.12.09 19:05:03 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{6a210611-2f33-4926-bf27-3fd9af8266eb}
[2011.08.08 07:37:43 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.02 11:25:54 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\AppGraffiti@AppGraffiti.com
[2011.07.24 14:06:50 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\inboxcomtoolbar@inbox.com
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\staged
[2011.08.04 13:39:18 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\searchplugins\inbox-hledn.xml
[2011.11.04 21:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.30 09:43:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.08.04 13:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.08.04 13:38:35 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\APPGRAFFITI@APPGRAFFITI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\INBOXCOMTOOLBAR@INBOX.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011.10.14 13:31:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.10.01 05:15:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.008.031.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011.08.30 09:43:39 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.07.16 21:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.16 05:30:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.30 09:43:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://search.avg.com/?d=4e1f31b2&v=7.5 ... earchTerms}
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F9B8586-97B8-414C-AD70-3860E031EB09}: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.20 10:18:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Error creating restore point.
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.11.19 07:38:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.11.18 17:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.18 17:25:26 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.17 11:45:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
[2011.11.17 11:45:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.11.17 11:33:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.11.14 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.19 12:37:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.11.14 16:30:52 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.14 16:13:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.14 15:17:13 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.17 22:02:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 15:17:13 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.08.08 21:44:42 | 000,307,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.08.08 21:17:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.06.12 19:30:32 | 000,112,640 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2011.05.17 15:11:11 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.05.17 15:04:48 | 000,000,253 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.05.17 15:04:44 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.12.29 14:45:31 | 000,002,103 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.12.29 14:42:58 | 000,000,294 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.12.29 14:13:11 | 000,000,436 | ---- | C] () -- C:\WINDOWS\Marias.ini
[2010.11.25 12:19:00 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.23 17:40:57 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.11.23 15:10:54 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.22 18:19:12 | 000,000,434 | ---- | C] () -- C:\WINDOWS\MCT.INI
[2010.11.22 14:52:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.21 11:06:58 | 000,000,345 | ---- | C] () -- C:\WINDOWS\level.ini
[2010.11.20 14:24:58 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.11.20 12:10:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.20 12:10:34 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.11.20 12:10:29 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.20 12:10:29 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.20 12:10:29 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.20 12:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.20 11:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.11.20 11:46:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.20 11:45:36 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.11.20 11:45:19 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.20 11:27:27 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.20 11:27:03 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.11.20 11:26:56 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010.11.20 10:20:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.20 10:15:57 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.02.11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.04.17 18:45:38 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2006.03.29 08:43:38 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2006.03.29 08:43:36 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2006.01.30 13:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2004.08.17 14:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.13 08:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,428,750 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,077,872 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.01.19 08:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
========== LOP Check ==========
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
[2011.09.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarGameBox
[2011.09.13 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.12.12 20:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aliasworlds
[2011.07.14 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.28 15:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2011.07.14 19:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.07.13 16:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.05.17 15:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CasualForge
[2011.07.14 19:12:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.25 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2011.07.16 11:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DreamFarm
[2011.11.05 08:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
[2011.07.16 07:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy-PizzaParty
[2011.07.16 09:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.09.11 07:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
[2011.07.16 21:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_America
[2011.07.17 16:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Arctica
[2011.07.13 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
[2011.07.14 16:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Russia
[2011.07.16 10:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy_Rome
[2010.12.25 09:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Firefly Studios
[2011.07.14 19:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.09.12 20:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2011.08.31 16:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\MP130,110\*.tmp files -> C:\WINDOWS\MP130,110\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.25 10:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2011.06.12 19:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.06.12 19:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2010.11.20 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.11.20 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESTsoft
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2010.11.20 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2011.05.17 15:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.11.20 10:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010.11.20 11:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2011.09.28 15:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.11.12 14:20:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.11.20 22:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org2
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.07.14 19:35:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.11.04 21:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2010.11.20 12:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
< %APPDATA%\*.exe /s >
[2010.11.20 11:43:00 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.11.20 11:44:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.20 11:44:32 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.20 11:44:32 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 14:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.12.23 18:05:20 | 000,143,360 | ---- | M] (Nero AG)
"Steam" = "D:\Program Files\Steam\Steam.exe" -silent -- [2011.08.23 12:34:22 | 001,242,448 | ---- | M] (Valve Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () MD5=9818C807D3225000DBEBC9D354FC602A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2006.07.09 18:42:40 | 000,049,206 | ---- | M] () -- \Program Files\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
< *keygen* /s >
< *loader* /s >
[2011.08.30 13:20:41 | 000,339,609 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Downloader_Metin2_cz.exe
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2007.11.06 16:43:54 | 000,007,380 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\external\ion_sports07\fw\commonLoader.big
[2007.10.23 08:57:06 | 000,000,288 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\game\globalClasses\classLoader.big
[2010.12.09 19:37:38 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[10 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.11.13 09:54:36 | 000,070,944 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.07.15 12:32:40 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 634,09 Mb Available Physical Memory | 62,01% Memory free
2,41 Gb Paging File | 2,14 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 15,73 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 67,83 Gb Total Space | 32,44 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Computer Name: BIGC-8B78200F16 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.11.19 21:53:18 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\OTL.exe
PRC - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
PRC - [2011.07.09 05:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2011.11.19 21:46:45 | 000,459,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Downloads\CKScanner (5).exe
MOD - [2011.07.09 05:51:17 | 000,329,272 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\ppgooglenaclpluginchrome.dll
MOD - [2011.07.09 05:51:16 | 003,649,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\pdf.dll
MOD - [2011.07.09 05:50:09 | 000,321,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\Locales\cs.dll
MOD - [2011.07.09 05:49:50 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avutil-50.dll
MOD - [2011.07.09 05:49:48 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avformat-52.dll
MOD - [2011.07.09 05:49:47 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\avcodec-52.dll
MOD - [2011.07.09 03:31:29 | 006,333,088 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\12.0.742.122\gcswf32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.08.04 05:18:43 | 000,126,400 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton 360\Engine\4.4.0.12\ccSvcHst.exe -- (N360)
SRV - [2011.07.26 09:16:02 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.02.08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.09.02 20:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
========== Driver Services (SafeList) ==========
DRV - [2011.08.22 03:53:36 | 000,362,360 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2011.08.22 03:53:35 | 000,173,176 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2011.08.04 05:19:30 | 000,485,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\ccHPx86.sys -- (ccHP)
DRV - [2011.04.04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.02.22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010.11.20 10:36:43 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\navex15.sys -- (NAVEX15)
DRV - [2010.11.20 10:36:43 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.11.20 10:36:43 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101119.039\naveng.sys -- (NAVENG)
DRV - [2010.11.20 10:32:07 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010.11.04 15:02:36 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.10.19 21:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010.04.29 06:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010.04.22 03:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0404000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010.04.22 03:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.15 04:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0404000.00C\SYMDS.SYS -- (SymDS)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.18 17:39:58 | 000,017,920 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.10.17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004.05.13 14:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 12:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.alawarhry.cz"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://www.seznam.cz/firefox/"
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4e832bd3 ... &lng=cs&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2011.07.21 14:31:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn_2010_9_0_6 [2011.11.14 16:12:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.10.14 13:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011.10.01 05:15:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.04 13:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.30 09:43:51 | 000,000,000 | ---D | M]
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions
[2010.12.09 19:05:03 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{6a210611-2f33-4926-bf27-3fd9af8266eb}
[2011.08.08 07:37:43 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.10.02 11:25:54 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\AppGraffiti@AppGraffiti.com
[2011.07.24 14:06:50 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\inboxcomtoolbar@inbox.com
[2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\staged
[2011.08.04 13:39:18 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\searchplugins\inbox-hledn.xml
[2011.11.04 21:12:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.30 09:43:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.08.04 13:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.08.04 13:38:35 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\APPGRAFFITI@APPGRAFFITI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\INBOXCOMTOOLBAR@INBOX.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN
[2011.10.14 13:31:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.10.01 05:15:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.008.031.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011.08.30 09:43:39 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.07.16 21:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.16 05:30:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.30 09:43:38 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://search.avg.com/?d=4e1f31b2&v=7.5 ... earchTerms}
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\12.0.742.122\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.4.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.4.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Lexmark 1200 Series] C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OPSE reminder] C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-583907252-1454471165-725345543-500..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F9B8586-97B8-414C-AD70-3860E031EB09}: DhcpNameServer = 81.19.34.2 81.19.33.2 195.146.96.178
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.20 10:18:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Error creating restore point.
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.11.19 07:38:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.11.18 17:25:27 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.11.18 17:25:26 | 000,000,000 | ---D | C] -- C:\rsit
[2011.11.17 11:45:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Nástroje pro správu
[2011.11.17 11:45:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011.11.17 11:33:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.11.14 15:17:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Earth
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.19 12:37:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2011.11.14 16:30:52 | 000,000,950 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.14 16:13:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.14 15:17:13 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.11.19 22:01:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.17 22:02:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.11.14 15:17:13 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.08.08 21:44:42 | 000,307,704 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.08.08 21:17:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.06.12 19:30:32 | 000,112,640 | ---- | C] () -- C:\WINDOWS\lsb_un20.exe
[2011.05.17 15:11:11 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.05.17 15:04:48 | 000,000,253 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.05.17 15:04:44 | 000,000,076 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2010.12.29 14:45:31 | 000,002,103 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.12.29 14:42:58 | 000,000,294 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.12.29 14:13:11 | 000,000,436 | ---- | C] () -- C:\WINDOWS\Marias.ini
[2010.11.25 12:19:00 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.23 17:40:57 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.11.23 15:10:54 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.11.22 18:19:12 | 000,000,434 | ---- | C] () -- C:\WINDOWS\MCT.INI
[2010.11.22 14:52:00 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.11.21 11:06:58 | 000,000,345 | ---- | C] () -- C:\WINDOWS\level.ini
[2010.11.20 14:24:58 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.11.20 12:10:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.20 12:10:34 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.11.20 12:10:29 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.20 12:10:29 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.20 12:10:29 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.20 12:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.20 11:48:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.11.20 11:46:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.20 11:45:36 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.11.20 11:45:19 | 000,200,936 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.11.20 11:27:27 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.20 11:27:03 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.11.20 11:26:56 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010.11.20 10:20:57 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.20 10:15:57 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.02.11 05:12:00 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.02.11 05:12:00 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009.04.23 23:29:16 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.10.22 04:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.04.17 18:45:38 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LEXPING.EXE
[2006.03.29 08:43:38 | 000,042,496 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2006.03.29 08:43:36 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2006.01.30 13:42:22 | 000,000,270 | ---- | C] () -- C:\WINDOWS\System32\lxczcoin.ini
[2004.08.17 14:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 13:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.13 08:40:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxczvs.dll
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,428,750 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,077,872 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.01.19 08:50:20 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
========== LOP Check ==========
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
[2011.09.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarGameBox
[2011.09.13 21:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2010.12.12 20:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aliasworlds
[2011.07.14 15:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.09.28 15:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2011.07.14 19:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.07.13 16:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.05.17 15:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CasualForge
[2011.07.14 19:12:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.25 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2011.07.16 11:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DreamFarm
[2011.11.05 08:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
[2011.07.16 07:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy-PizzaParty
[2011.07.16 09:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2011.09.11 07:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
[2011.07.16 21:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_America
[2011.07.17 16:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Arctica
[2011.07.13 17:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Madagascar
[2011.07.14 16:47:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Russia
[2011.07.16 10:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy_Rome
[2010.12.25 09:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Firefly Studios
[2011.07.14 19:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.09.12 20:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\rionix
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2010.11.23 17:40:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2011.08.31 16:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.11.14 16:31:01 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\WGASetup.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\MP130,110\*.tmp files -> C:\WINDOWS\MP130,110\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[2 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.25 10:30:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2011.06.12 19:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2011.08.09 17:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AppGraffiti
[2010.11.26 21:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Archibald's Adventures
[2011.06.12 19:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2010.11.20 11:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.07.14 19:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.09.05 13:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Awem
[2011.10.12 17:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Boolat Games
[2011.07.13 17:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CasualForge
[2010.12.13 11:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EleFun Games
[2011.09.13 18:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\EnchantedCavern
[2010.11.20 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ESTsoft
[2010.12.12 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Gaijin Ent
[2010.11.20 12:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2011.05.17 15:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.11.20 10:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2011.07.24 14:06:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Inbox Toolbar
[2010.12.09 19:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ladia Group
[2010.11.26 22:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Leadertech
[2010.11.20 11:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.09.12 18:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MB3
[2011.09.28 15:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.11.12 14:20:18 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.11.20 12:09:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2010.11.20 22:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org2
[2010.11.20 12:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2011.05.15 21:38:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Plan It Green Files
[2010.11.23 17:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ScanSoft
[2011.07.14 19:35:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
[2011.01.11 16:53:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sierra
[2011.11.04 21:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.09.12 18:49:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SmashFrenzy3
[2011.01.29 15:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sports Interactive
[2010.11.20 14:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Summer Athletics 2008
[2010.11.20 12:12:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.07.13 18:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Tific
< %APPDATA%\*.exe /s >
[2010.11.20 11:43:00 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.11.20 11:44:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.11.20 11:44:32 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.11.20 11:44:32 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.11.18 12:23:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2011.11.19 12:37:24 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 14:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.12.23 18:05:20 | 000,143,360 | ---- | M] (Nero AG)
"Steam" = "D:\Program Files\Steam\Steam.exe" -silent -- [2011.08.23 12:34:22 | 001,242,448 | ---- | M] (Valve Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.11.19 22:01:35 | 000,000,512 | ---- | M] () MD5=9818C807D3225000DBEBC9D354FC602A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2006.07.09 18:42:40 | 000,049,206 | ---- | M] () -- \Program Files\Mafia\Modern Mod 2.0_maps\mazda_mx5_crackedglass128a.bmp
< *keygen* /s >
< *loader* /s >
[2011.08.30 13:20:41 | 000,339,609 | ---- | M] () -- \Documents and Settings\Administrator\Dokumenty\Downloads\Downloader_Metin2_cz.exe
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2007.11.06 16:43:54 | 000,007,380 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\external\ion_sports07\fw\commonLoader.big
[2007.10.23 08:57:06 | 000,000,288 | ---- | M] () -- \Program Files\EA Sports\FIFA 09\osdkdata\game\globalClasses\classLoader.big
[2010.12.09 19:37:38 | 000,421,888 | ---- | M] () -- \WINDOWS\NEXON_EU_DownloaderUpdater.exe
[10 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.11.13 09:54:36 | 000,070,944 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.07.15 12:32:40 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
< End of report >
Re: kontrola logu-pouze nouzoví režim
OTL Extras logfile created on: 19.11.2011 21:58:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 634,09 Mb Available Physical Memory | 62,01% Memory free
2,41 Gb Paging File | 2,14 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 15,73 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 67,83 Gb Total Space | 32,44 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Computer Name: BIGC-8B78200F16 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\EA Sports\NHL 99\nhl99.exe" = C:\Program Files\EA Sports\NHL 99\nhl99.exe:*:Disabled:nhl99
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Games\Game Alarm\gamealarm.exe" = C:\Games\Game Alarm\gamealarm.exe:*:Enabled:Gamealarm -- (Europe Support Ltd. N.V.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"D:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\cvrcek\Program Files\Age of Empires II\age2_x1.exe" = D:\cvrcek\Program Files\Age of Empires II\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostika 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2B04D44F-1D1B-4E0E-8431-D04F87C21029}" = Nero 7 Essentials
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7D543DFE-6459-462A-9A62-B5B012B1DCF1}" = AVG 2011
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8D13EC59-1F8D-4988-8523-D5E8C2724C1D}" = Beowulf TM
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D95ED581-3C67-4BB4-AA50-DDCC6A97226D}" = ArcSoft PhotoStudio 5.5
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AlawarGameBox" = Alawar Game Box
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ALZip_is1" = ALZip
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"CCleaner" = CCleaner
"Czech Soccer Manager 2002 FE" = Czech Soccer Manager 2002 FE
"Easy-WebPrint" = Easy-WebPrint
"ECSP MHD Simulator 2007" = ECSP MHD Simulator 2007
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
"Lexmark 1200 Series" = Lexmark 1200 Series
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"N360" = Norton 360
"NVIDIA Drivers" = NVIDIA Drivers
"Sierra Utilities" = Sierra Utilities
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"gamealarm-DEFAULT" = Game Alarm
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.11.2011 15:15:05 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:00:43 | Computer Name = BIGC-8B78200F16 | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 109.0.4.9, chybující modul
ntdll.dll, verze 5.1.2600.3520, adresa chyby 0x00018af2.
Error - 11.11.2011 12:03:09 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:07:01 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:07:20 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:31:33 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 13.11.2011 2:40:58 | Computer Name = BIGC-8B78200F16 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 13.11.2011 15:32:58 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 13.11.2011 17:31:52 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 19.11.2011 16:52:32 | Computer Name = BIGC-8B78200F16 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.2180, chybující modul
medialibrarynse.dll, verze 1.5.13.0, adresa chyby 0x0000279d.
[ System Events ]
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:29 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Administrator\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 634,09 Mb Available Physical Memory | 62,01% Memory free
2,41 Gb Paging File | 2,14 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 15,73 Gb Free Space | 35,79% Space Free | Partition Type: NTFS
Drive D: | 67,83 Gb Total Space | 32,44 Gb Free Space | 47,83% Space Free | Partition Type: NTFS
Computer Name: BIGC-8B78200F16 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Program Files\EA Sports\NHL 99\nhl99.exe" = C:\Program Files\EA Sports\NHL 99\nhl99.exe:*:Disabled:nhl99
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
"C:\Games\Game Alarm\gamealarm.exe" = C:\Games\Game Alarm\gamealarm.exe:*:Enabled:Gamealarm -- (Europe Support Ltd. N.V.)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"D:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe" = D:\Grand Theft Auto IV\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV
"D:\Program Files\Steam\Steam.exe" = D:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"D:\cvrcek\Program Files\Age of Empires II\age2_x1.exe" = D:\cvrcek\Program Files\Age of Empires II\age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostika 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07021185-008D-ABF9-7716-475AC035F8B3}" = CCC Help Spanish
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0F8D0406-7755-AC37-6529-73AD649DBE32}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22072CC8-7230-96F8-52F4-05EAF3F906B6}" = CCC Help Polish
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2368ADBD-6FDF-4B9F-FE41-E20B4D78E79E}" = CCC Help Chinese Standard
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{25EF0DC4-B072-2E04-4581-A13C91423CE6}" = CCC Help Portuguese
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 27
"{26F7855C-443B-00A6-F7B8-A97A5403F617}" = CCC Help Danish
"{2B04D44F-1D1B-4E0E-8431-D04F87C21029}" = Nero 7 Essentials
"{2CB4A925-48A7-DA65-DCEE-D4DE224B7D84}" = CCC Help English
"{306D75B9-7FFF-FF65-0C76-57F2FE4FE1D6}" = Catalyst Control Center Core Implementation
"{32B12FE4-5A51-751A-1FB6-A14E97EBDD5C}" = CCC Help German
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{351512E5-01BD-E878-6F57-AA3E517D9ECE}" = Skins
"{354A387E-0374-21A3-6832-335674A6D7D1}" = CCC Help French
"{3C00BEE9-26D0-D9E0-A2D1-62F70D412A12}" = CCC Help Turkish
"{4346F7AA-3D56-0941-424C-4454E04D37F6}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CAE2F2C-75CD-A0DE-7520-449BCBBCC833}" = CCC Help Korean
"{57F7F0A5-8F22-8E63-E819-803B5C9CA3A5}" = CCC Help Dutch
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EA437D2-7A57-B60E-E8F2-76BFAC0895A5}" = CCC Help Chinese Traditional
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AF4E75-050E-0304-3417-8BC16417FEB1}" = CCC Help Greek
"{632005DA-C291-5275-284C-5EE96B05C714}" = Catalyst Control Center HydraVision Full
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011
"{6C72BE0C-3E25-CACD-0070-2FD9C02ABA14}" = ccc-core-preinstall
"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7D543DFE-6459-462A-9A62-B5B012B1DCF1}" = AVG 2011
"{880BB617-914E-17E8-D877-A96BAC5794D2}" = Catalyst Control Center Graphics Full New
"{8897CF22-DB6C-8248-895C-12BFA2677F51}" = CCC Help Hungarian
"{8D13EC59-1F8D-4988-8523-D5E8C2724C1D}" = Beowulf TM
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}" = AGEIA PhysX v7.11.13
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{AF710FDE-2815-8C8D-5281-8004C2654AA6}" = CCC Help Russian
"{AFF2D965-C6F2-A210-FBF7-532612AA1D23}" = CCC Help Swedish
"{B21336EE-4AEF-9940-4AC7-EDB89854B8D3}" = CCC Help Thai
"{BBA69346-61A1-BD34-E75A-4D81232DB1FE}" = Catalyst Control Center Localization All
"{BFD5ED08-F066-92D5-BE67-3B9AE5DCFF0C}" = CCC Help Japanese
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4609F15-FB3C-D97E-BAA1-4F10815039C2}" = Catalyst Control Center Graphics Full Existing
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01FAC3D-86B4-3A19-9D10-9156A0EB3EBE}" = CCC Help Finnish
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D73722C8-3F65-C75B-A631-5D36894DAB92}" = ccc-core-static
"{D95ED581-3C67-4BB4-AA50-DDCC6A97226D}" = ArcSoft PhotoStudio 5.5
"{DDAD33B6-8C00-428D-087B-A7088355B9BE}" = Catalyst Control Center Graphics Light
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E333F074-FC7F-596D-3D61-44F0EC28E8C0}" = ccc-utility
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{FA38F9E4-BED7-E021-B660-8FDFF7EC6E1A}" = CCC Help Norwegian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AlawarGameBox" = Alawar Game Box
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ALZip_is1" = ALZip
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"CCleaner" = CCleaner
"Czech Soccer Manager 2002 FE" = Czech Soccer Manager 2002 FE
"Easy-WebPrint" = Easy-WebPrint
"ECSP MHD Simulator 2007" = ECSP MHD Simulator 2007
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
"Lexmark 1200 Series" = Lexmark 1200 Series
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"N360" = Norton 360
"NVIDIA Drivers" = NVIDIA Drivers
"Sierra Utilities" = Sierra Utilities
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"gamealarm-DEFAULT" = Game Alarm
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.11.2011 15:15:05 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:00:43 | Computer Name = BIGC-8B78200F16 | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 109.0.4.9, chybující modul
ntdll.dll, verze 5.1.2600.3520, adresa chyby 0x00018af2.
Error - 11.11.2011 12:03:09 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:07:01 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:07:20 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 11.11.2011 12:31:33 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 13.11.2011 2:40:58 | Computer Name = BIGC-8B78200F16 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 13.11.2011 15:32:58 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 13.11.2011 17:31:52 | Computer Name = BIGC-8B78200F16 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 19.11.2011 16:52:32 | Computer Name = BIGC-8B78200F16 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.2180, chybující modul
medialibrarynse.dll, verze 1.5.13.0, adresa chyby 0x0000279d.
[ System Events ]
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:28 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
Error - 19.11.2011 16:52:29 | Computer Name = BIGC-8B78200F16 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby NMIndexingService
s argumenty za účelem spuštění serveru: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7}
< End of report >
Re: kontrola logu-pouze nouzoví režim
Trvate na antiviru avg? U nas neni moc obliben a doporucovan - slabsi detekce, vyssi zatez systemu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: kontrola logu-pouze nouzoví režim
Dobrý den,na antiviru AVG netrvám.Dám na Vaše rady a doporučení.
Re: kontrola logu-pouze nouzoví režim
Omlouvam se za zdrzeni, mel jsem problemy s netem Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
- Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
msconfig- Kliknete na OK
- Prepnete se na zalozku Spuštění počítače
- Podivejte se, ci nemate zaskrtnute Bezpecne spousteni - pokud ano, tak odskrtnete
- Nasledny restart by jiz mel vest do normalniho rezimu
Odinstalujte avg Pouzijte jeste remover http://download.avg.com/filedir/util/su ... 1_1184.exe Jsou tam jeste pozustatky Symantecu, takze pouzijte tohle ftp://ftp.symantec.com/public/english_u ... l_Tool.exe a jeste tohle http://download.mcafee.com/products/lic ... s/MCPR.exe na zbytky McAfee Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2011.07.26 09:16:02 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.alawarhry.cz IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... p=aus&qkw=%s&tbid=%tb_id&%language IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () IE - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://www.seznam.cz/firefox/" FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4e832bd3&v=7.008.031.001&i=27&tp=ab&iy=&ychte=us&lng=cs&q=" [2010.12.09 19:05:03 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\{6a210611-2f33-4926-bf27-3fd9af8266eb} [2011.07.24 14:06:50 | 000,000,000 | ---D | M] ("Inbox Toolbar") -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\inboxcomtoolbar@inbox.com [2011.10.21 13:01:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\extensions\staged [2011.08.04 13:39:18 | 000,002,305 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qgcnn9kw.default\searchplugins\inbox-hledn.xml File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\APPGRAFFITI@APPGRAFFITI.COM File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\QGCNN9KW.DEFAULT\EXTENSIONS\INBOXCOMTOOLBAR@INBOX.COM File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\COFFPLGN_2010_9_0_6 File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATA APLIKACĂ\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPLGN [2011.10.14 13:31:01 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4 [2011.10.01 05:15:58 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.008.031.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED CHR - default_search_provider: AVG Secure Search (Enabled) CHR - default_search_provider: search_url = http://search.avg.com/?d=4e1f31b2&v=7.5 ... -chrome&q={searchTerms} CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... =chrome&q={searchTerms} CHR - Extension: AVG Safe Search = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\ O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll () O3 - HKU\S-1-5-21-583907252-1454471165-725345543-500\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ] [3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] [1 C:\WINDOWS\MP130,110\*.tmp files -> C:\WINDOWS\MP130,110\*.tmp -> ] [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [2 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ] @Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"=- "LanguageShortcut"=- "NeroFilterCheck"=- "QuickTime Task"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "SunJavaUpdateSched"=- "KernelFaultCheck"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- "Steam"=- :services gupdate gupdatem NBService NMIndexingService Cyberlink RichVideo Service(CRVS) :files C:\Program Files\AVG C:\Program Files\Inbox Toolbar C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\WGASetup.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: kontrola logu-pouze nouzoví režim
Dobrý den když udělám ten první krok,tak mi to stále nejde v normálnim režimu,takže nevím zda mám pokračovat dál.
Re: kontrola logu-pouze nouzoví režim
Co se stane kdyz se snazite dostat do normalniho rezimu "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: kontrola logu-pouze nouzoví režim
při zapnutí to normálně nabíhá,ale když by se měla ukázat normální obrazovka,tak to z černá a objeví se tam na obrazovce tabulka od monitoru kde je napsáno check signal.
Re: kontrola logu-pouze nouzoví režim
Zkontrolujte zda-li mate dobre zapojenou graf. kartu, pripadne ji vytahnete a zasunte zpatky.
Taktez zkontrolujte kabelaz od GK k monitoru
Taktez zkontrolujte kabelaz od GK k monitoru
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?